Lucene search
MitreCVE-2008-1624HistoryApr 02, 2008 - 5:44 p.m.
CVE-2008-1624
2008-04-0217:44:00
CWE-22
mitre
web.nvd.nist.gov
35
cve-2008-1624
directory traversal
jshop server
remote code execution
security vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.021
Percentile
89.4%
Directory traversal vulnerability in v2demo/page.php in Jshop Server 1.x through 2.x allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the xPage parameter.
Affected configurations
Node
whorl_ltdjshop_serverMatch1
ORwhorl_ltdjshop_serverMatch2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| whorl_ltd | jshop_server | 1 | cpe:2.3:a:whorl_ltd:jshop_server:1:*:*:*:*:*:*:* |
| whorl_ltd | jshop_server | 2 | cpe:2.3:a:whorl_ltd:jshop_server:2:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2008-04-02 17:44:00
exploitdb
exploitdb
JShop 1.x < 2.x - 'xPage' Local File Inclusion
2008-03-30 00:00:00
cvelist
cvelist
CVE-2008-1624
2008-04-02 17:00:00
nvd
nvd
CVE-2008-1624
2008-04-02 17:44:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.021
Percentile
89.4%
Related for CVE-2008-1624